https://bz.apache.org/bugzilla/show_bug.cgi?id=64394
--- Comment #4 from Mark Thomas <ma...@apache.org> --- 1. Arguably not Tomcat's problem. That said, adding something to the TLS section of the HTTP/1.1 connector docs for truststoreType (and certificateKeystoreType) and/or the SSL How-To would probably reach a wider audience. 2. That is an issue with the upgrade process. See https://bz.apache.org/bugzilla/show_bug.cgi?id=64395#c3 for better ways to handle that. 3. No-one is suggesting that you use the Java trust store When you add the TLS connector configuration to server.xml (which you are going to have to do anyway), simply use: truststoreType="Windows-ROOT" and don't set truststoreFile This has the advantage that the complete configuration for the TLS connector is explicitly defined in server.xml rather that partly in server.xml and partly via system properties. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
